Effective as from 2018-05-16
Last update 2022-12-12
In the course of our business, we, Setterwalls Advokatbyrå AB, reg. no. 556774-5772, (“Setterwalls”) and the office companies Setterwalls Advokatbyrå Stockholm AB, reg. no. 556874-3230, Setterwalls Advokatbyrå Göteborg AB, reg. no. 556594-3221, and Setterwalls Advokatbyrå Malmö AB, reg. no. 556624-3787, may process personal data relating to you.
Personal data is data which directly or indirectly relates to a living individual; e.g., name, phone number, and e-mail address.
You are not required to furnish any personal data with us (except as required by law, e.g., pursuant to a subpoena), but if you do not do so, we may not be able to undertake an engagement for you, process your job application, send newsletters or seminar invitations to you, etc.
It is important for us to protect your personal data and to ensure that we process such data fairly and lawfully. In this policy, under each of the headings:
- Personal data relating to engagements (section 1)
- Personal data relating to job applicants (section 2)
- Personal data relating to contact person of clients, suppliers and collaboration partners (section 3)
- Personal data relating to seminars, events, newsletters and other mailings (section 4)
- Personal data relating to website visitors (section 5)
- Personal data relating to other persons (section 6)
we inform you about who is responsible (data controller) for the processing of personal data relating to you, the types of personal data we will process and for which purposes and on the basis of which legal grounds, how the data is collected, with whom the data will be shared, and how long the data will be stored. In this policy we also inform you about the related rights you have and how you can contact us (the data controllers) with questions about this policy or our processing of personal data.
1. Personal data relating to engagements
When you or someone else engages Setterwalls for an engagement, we will collect, store and otherwise process personal data relating to you in accordance with this section 1.
Who is data controller? Each office company is controller for the processing relating to the engagement carried out by its staff, and is simultaneously processor for Setterwalls and for the other office company/companies, which are involved in the performance of the engagement.
What personal data will be processed? The personal data we will process comprises:
(a) On client that is a natural person: name, personal identification number (or other information on date of birth), contact information (such as address, e-mail address and telephone number), copy of passport or other identification, engagement title, information on the overall objective of the engagement, information of the origin of the assets that will be used in connection with the engagement, information on whether the client or any affiliate or known associate of them is a political exposed person, and name and profession/position of such politically exposed person, and our invoicing, payment history and payment reminders to/with the client.
(b) On client that is a legal person: name, personal identification number (or other information on date of birth), title, employer, contact details (such as address, e-mail address and telephone number) and copy of passport or other identification for contact person of the client and any beneficial owner of the client, data in the certificate of incorporation or similar for the client, as well as information on whether such beneficial owner or any affiliate of known associate of such person is a political exposed person, and name and profession/position of such politically exposed person.
(c) On counterparty that is a natural person: name, personal identification number (or other information on date of birth), contact information (such as address, e-mail address and telephone number) as well as engagement title.
(d) On counterparty that is a legal entity: name, title, employer, and contact information (such as address, e-mail address and telephone number) of contact person of the counterparty.
(e) On other persons related to the engagement (e.g., legal representative of the counterparty, arbitrators, other consultants engaged in connection with the engagement, and witnesses): name, title, employer, and contact information (such as address, e-mail address and phone number).
(f) Single pieces of data relating to that the client, a contact person or beneficial owner of the client, or someone they are acting for in connection with the engagement have been convicted of crimes, have been involved in several bankruptcies, have had bad publicity relating to business matters, or otherwise can be assumed to be unserious, or single pieces of data relating to that the engagement is, or is suspected to be, part of money laundering or other criminal offence.
(g) Other single pieces of data relating to criminal conviction or offences, or sensitive personal data (i.e., information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or concerning health or sexual life) when the engagement, on the basis of its nature, raises such personal data (e.g., an engagement relating to dismissal or termination of employment due to personal reasons, or alleged discrimination).
(h) Other personal data than the data referred to in (a)–(g) above, which the engagement, on the basis of its nature, raises.
Otherwise, we will not process any sensitive personal information.
How is personal data collected? The personal data is provided to us by, or on behalf of, you, the client, the counterparty, the counterparty’s counsel or other persons related to the engagement, or collected by us from such persons or from private or public records or sources. Personal data referred to in (f) above is not actively collected by us, and personal data referred to in (f) and (g) above is collected only to the limited extent necessary for the purpose.
For which purposes and on which legal grounds will personal data be processed?
- Personal data will be processed for the purposes of enabling and making required conflict of interest checks, evaluating and deciding whether we can undertake or need to resign from the engagement, and fulfilling our legal, regulatory, and risk management obligations in general, respectively. Such processing is carried out on the basis of our legitimate interest of efficient and correct such checks, evaluation and decision-making, and on the basis that it is necessary for compliance with our obligations under the Swedish Anti Money Laundering legislation, EU’s Market Abuse Regulation, other applicable legislation as well as the Rules of the Swedish Bar Association, respectively.
- Personal data will be processed for the purposes of enabling and effectuating invoicing, accounting for fees and other aspects of the engagement and accounts receivable recovery, and to otherwise protect our rights related to the engagement, respectively. Such processing is carried out on the basis of our (and the client’s) legitimate interest of efficient and accurate billing, accounting for fees and other aspects of the engagement and accounts receivable recovery, and on the basis that it is necessary for the establishment, exercise or defence of our legal claims, respectively.
- Personal data will be processed for the purpose of executing the engagement and our acting as legal representative of the client. Such processing is carried out on the basis of our and the client’s legitimate interest of efficient and accurate meetings and communications with the persons involved in the engagement, and efficient and accurate documentation, administration, management, and evaluation of the engagement, and on the basis that it is necessary for the establishment, exercise or defence of the client’s legal claims, respectively.
- Personal data will be processed for the purposes of internal statistics and analysing and developing of our business, respectively. Such processing is carried out on the basis of our legitimate interest to follow and develop our business.
- Despite the above-mentioned, personal data referred to in (f) above will be processed solely for the purposes of evaluating and deciding if we can undertake or need to resign from the engagement, and fulfilling our legal obligations, respectively. Such processing is carried out on the basis of, and only to the limited extent, that it is necessary to fulfil our obligations under the Swedish Anti Money Laundering legislation.
- Despite the above-mentioned, personal data referred to in (g) above will be processed only for the purpose of executing the engagement and our acting as legal representative of the client. Such processing is carried out on the basis of, and only to the limited extent, that it is necessary for the establishment, exercise or defence of the client’s legal claims.
With whom will personal data be shared? The personal data will be the subject of legal attorney privilege and our obligation of secrecy and is shared, subject to the restrictions imposed by the Rules of the Swedish Bar Association, with the office companies, but will not be disclosed to any third parties except in the following cases (and then in compliance with the said rules):
- Personal data will be disclosed to the client’s insurer (legal expenses insurance), the counterparty, the counterparty’s counsel, an arbitral tribunal, a court, a government authority or agency, a bank, other consultant engaged in connection with the engagement, or similar persons to the extent necessary to protect the client’s interests and does not conflict with the client’s instructions.
- Personal data will be disclosed to the client’s auditor or other persons in accordance with the client’s instructions.
- Personal data will be disclosed to the Swedish Financial police when and to the extent we are required to do so under the Swedish Anti Money Laundering legislation.
- Personal data will be disclosed to our bank when we hold funds of a client with that bank, if the bank requests information on the client and its beneficial owner(s) and our documentation on this in accordance with the Swedish Anti Money Laundering legislation, provided that the client, as a condition for the client’s use of our client accounts, have consented to that such disclosure may be made.
- Personal data will be disclosed to the Swedish Bar Association bar when and to the extent we are required to do so by the Rules of the Swedish Bar Association.
- Personal data will be disclosed to a governmental authority or agency or someone else when and to the extent we are required to do so under applicable law.
- Personal data will be disclosed to our professional liability insurer, our professional liability insurance brokers, our accountants, counsel that we or such insurer have engaged, the Swedish Enforcement Authority (Sw. Kronofogdemyndigheten) or a debt collector, a court, an arbitral tribunal, or to our counterparty or its counsel to the extent necessary to protect our legal interests.
As a general rule, no personal data will be transferred outside the EU/EEA. Such transfer will however occur when it is necessary in the individual case for the purpose of the processing (e.g., to instruct counsel in the USA or other country outside the EU/EEA on behalf of the client), in which case we will ensure that the transfer is subject to adequate safeguards in accordance with EU’s General Data Protection Regulation. Such appropriate safeguards will comprise of, for example, that the receiving country ensures an adequate level of protection or be ensured through the use of EU-approved standard contractual clauses. If you want information on such transfer, you must submit a written request to us via the contact details set out in section 10.
For how long is personal data stored? Personal data is stored for as long as the Rules of the Swedish Bar Association requires us to keep the file of the engagement, i.e., until ten years after completion of the engagement (or for such longer time as is called for by the nature of the engagement), whereafter the data is deleted. Despite above mentioned, we will store names, personal identification numbers (or equivalent) and engagement titles of clients and counterparties that are natural persons in order to enable us to make necessary conflict checks in accordance with the Rules of the Swedish Bar Association. See also sections 3 and 6 regarding certain data relating to contact persons et al.
2. Personal data relating to job applicants
When you apply for a job with us or otherwise communicate you interest for such a job, we will collect, store and otherwise process personal data relating to you in accordance with this section 2.
Who is data controller? Each office company is controller for the processing relating to application for a job, or communication of interest of a job, at the office carried out by its staff, and is simultaneously processor for the other office company/companies, which are covered by such application or communication of interest.
What personal data will be processed? The personal data we will process comprises name and contact information (such as address, phone number and e-mail address), personal identification number (or other information on date of birth), gender, job applied for or office and job of interest, information in personal letter, CV and merits and other documents provided, information furnished by reference persons, your test scores, notes and summaries of interviews and discussions during the recruitment process, as well as summaries and analyses relating to you by recruitment consultant or other service provider engaged in connection with the recruitment. We will not process any sensitive personal information (i.e., information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or concerning health or sex life).
How is personal data collected? Personal data is provided to us by, or on behalf of, you through our digital recruitment tool or otherwise, or by a recruitment consultant or other service provider engaged in connection with the recruitment, and is collected from reference persons, by the tests you undertake in the course of the recruitment process and from private or public records and other sources.
For which purposes and on which legal grounds will personal data be processed? Personal data will be processed for the purpose of performing the recruitment process. Such processing is carried out on the basis of our legitimate interest of efficient and correct recruitment processes. If you have consented to that personal data will be processed for future recruitments, personal data may be processed for that purpose, which processing is then carried out on the basis of such consent.
With whom will personal data be shared? Personal data will be shared with the other office companies and will be disclosed to any recruitment consultant or other service provider engaged in connection with the recruitment process. No personal data is transferred outside the EU/EEA.
For how long is personal data stored? Personal data will be stored until the recruitment process is completed, whereafter the data will be deleted. If you have consented to that personal data will be processed for future recruitments, such data will instead be stored for two years after you gave the consent (or until the consent is revoked), whereafter the data is deleted. Despite the above mentioned, we will store data for as long as a job seeker not employed can take legal actions in respect of the recruitment.
3. Personal data relating to contact persons of clients, suppliers and collaboration partners
If you are, or are a contact person of, client, supplier or collaboration partner to us, we will collect, store and otherwise process personal data relating to you in accordance with this section 3.
Who is data controller? Each office company is controller for the processing carried out by its staff relating to its client, supplier and collaboration partner relationships, and is simultaneously processor for Setterwalls and for the other office company/companies, which are covered by the client, supplier or collaboration partner relationship.
What personal data will be processed? The personal data we will process comprises name, title, employer, contact details (such as address, e-mail address and telephone number), information about your contact persons with us, information on areas of interest for newsletter and other mailings, information on participation in our seminars and events, as well as notes and summaries from meetings with you (except in the context of an engagement). We will not process any sensitive personal data (i.e., information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or concerning health or sex life). In the context of an engagement, additional personal data will be processed in accordance with section 1.
How is personal data collected? Personal data is provided to or collected by us in connection with an engagement in accordance with section 1, or is otherwise provided to us by, or on behalf of, you, the client, the supplier, the collaboration partner or someone who mediates contact between us, or is collected by us from such persons or from private or public records or other sources.
For which purposes and on which legal grounds will personal data be processed?
- Personal data will be processed in accordance with section 1.
- Personal data will be processed for the purpose of managing the relationship with the client/supplier/collaboration partner. Such processing is carried out on the basis of our legitimate interest to manage the relationships with our clients, suppliers and collaboration partners.
- Personal data will be processed for the purposes of, through you, maintaining and developing the relationship with the client/supplier/collabora¬tion partner, and, if you have not objected against that, marketing our services (e.g., through newsletters and other mailings, and invitations to seminars and events), respectively. Such processing is carried out on the basis of our legitimate interest to maintain and develop relationships with our clients, suppliers and collaboration partners, and to market our services, respectively.
- If you have not objected against that, your personal data will be processed, subject to the Rules of the Swedish Bar Association, for the purpose of facilitating industry and market researches by appointed service providers (such as Law Firm of the Year, Chambers and Partners and Legal 500 researches and rankings), and analysing and developing our business, respectively. Such processing is carried out on the basis of our legitimate interest to benchmark and develop our business.
- If you have consented thereto, your personal data will be processed for the purpose of using you as reference person for another client/supplier/collaboration partner or potential client/supplier/collaboration partner (e.g., in connection with public procurement). Such processing is carried out on the basis of such consent.
With whom will personal data be shared? The personal data will be the subject of legal attorney privilege and our obligation of secrecy and is shared, subject to the restrictions imposed by the Rules of the Swedish Bar Association, with the office companies, but will not be disclosed to any third parties except in the following cases (and then in compliance with the said rules):
- Personal data will be disclosed in accordance with section 1.
- Personal data will be disclosed to a client, supplier or collaboration partner, or a potential client, supplier or collaboration partner, requesting a reference about us.
- Personal data will be disclosed to a service provider engaged for performing industry or market research.
As a general rule, no personal data will be transferred outside the EU/EEA. Such transfer will however occur when it is necessary in the individual case for the purpose of the processing, in which case we will ensure that the transfer is subject to adequate safeguards in accordance with EU’s General Data Protection Regulation. Such appropriate safeguards will comprise of, for example, that the receiving country ensures an adequate level of protection or be ensured through the use of EU-approved standard contractual clauses. If you want information on such transfer, you must submit a written request to us via the contact details set out in section 10.
For how long is personal data stored? Personal data is stored in accordance with section 1 to the extent the data is part of an engagement. In addition, personal data will be stored as long as the client/supplier/collaboration partner relationship is ongoing and is deleted within three months after the client/supplier/collaboration partner relationship is terminated by us or the client/supplier/collaboration partner or after us having been informed that your position as contact person of the client/supplier/collaboration partner has ceased. Despite the above mentioned, personal data comprising name, title, employer, contact details (such as address, e-mail address and telephone number) and information on areas of interest for newsletter and other mailings will be stored also thereafter for processing for marketing purposes until you object against that, whereupon it will be deleted. In addition, we will always store your personal data to the extent and for the period of time that we are required to by law, including the Swedish Bookkeeping Act.
4. Personal data relating to seminars, events, newsletters and other mailings
When you, through our website, social media channels, our digital mailing/invitation system or otherwise notify us of your interest of our seminars, events, newsletters or other mailings or register for any of our seminars or events, we will collect, store and otherwise process personal data relating to you in accordance with this section 4.
Who is data controller? Each office company is controller for the processing carried out by its staff relating to mailings of newsletters or invitations etc. or relating to registration for seminars or events, and is simultaneously processor for Setterwalls and for the other office company/companies, which are concerned by such mailing or registration.
What personal data will be processed? The personal data we will process comprises name, title, employer, contact details (such as address, telephone number and e-mail address), information about areas of interest for newsletter and other mailings, information on registration for participation in seminars or event and, in the case of a seminar or event offering food, special food preferences.
How is personal data collected? Personal data is provided to us by, or on behalf of, you through our website, our social media channels, our digital mailing/invitation system or otherwise.
For which purposes and on which legal grounds will personal data be processed?
- Personal data will be processed for the purpose of administering the submission to you of invitations to seminars and events, newsletters and other mailings. Such processing is carried out on the basis of our legitimate interest to submit such mailings to you in accordance with your specified preferences.
- Personal data will be processed for the purpose of administer the arranging (including in respect of food) of seminars and events with you as participant. Such processing is carried out on the basis of our legitimate interest to administer seminar and event with you as participant.
With whom will personal data be shared? Personal data will as a general rule not be disclosed to any third parties, except through the name tag you will be offered to wear during a seminar or event, or through a list of attendees handed out in connection with a seminar or event. The personal data will be shared with our accountants in the performance of their internal audit. No personal data will be transferred outside the EU/EEA.
For how long is personal data stored? Information on your food preferences will be deleted as soon as the related seminar or event has been held. Other personal data will be stored until you deregister/unsubscribe for our seminars, events, newsletters and other mailings, whereupon they are deleted.
5. Personal data relating to website visitors
When you use our website, we will (in addition to the personal data you will provide us via our website through our digital recruitment tool, as outlined in section 2, or by notifying us of your interest of seminars, events, newsletters or other mailings or registering for any of our seminars or events, as outlined in section 4) collect, store and otherwise process personal data relating to you in accordance with this section 5.
Who is data controller? Each office company is controller for the processing relating to website visitors carried out by its staff, and is simultaneously processor for Setterwalls and for the other office companies.
What personal data will be processed? The data we will process comprises of IP address (which are made anonymous), e-mail address (which are made anonymous), webpages visited, time and duration of visit and cookies (which is a text file that is stored on the computer of anyone visiting a website) and similar data generated by used cookies together with, where relevant, so-called pixeltags, through your use of our website, although no such data is linked to a specific person.
How is personal data collected? Personal data is collected and created by cookies and pixeltags through your use of our website. In Setterwalls Cookie Policy, you are further informed about the cookies and data concerned. As mentioned in our cookie policy, you can set your browser so that cookies are not stored or so that approval is requested before a cookie is stored. In this way you can decide if you want to accept or reject each cookie. When you visit our website, you will via a pop-up window have the option to accept or reject cookies during your visit to our site; when you accept cookies, you consent in accordance with our cookie policy to our use of cookies in accordance with that policy.
For which purposes and on which legal grounds will personal data be processed? Personal data will be processed for the purposes of analysing the use of our website and developing the site, respectively. Such processing is carried out on the basis of your above-mentioned consent, and on the basis of our legitimate interest to analyse the use of our website and to develop it, respectively.
With whom will personal data be shared? Personal data will not be disclosed to any third parties, except that the personal data that is collected or generated by Google Analytics cookies (including your IP address) will be transmitted to and stored by Google on servers in the United States, and Google will disclose it to third parties if it is required by law or where such third parties process the information on Google’s behalf; see Setterwalls Cookie Policy for more information about this.
For how long is personal data stored? How long personal data is stored depends on by which cookie the relevant data has been collected; from being stored only as long as you have your browser open (so-called session cookies) to being stored for a maximum of 24 months, in accordance with what is specified for each cookie in Setterwalls Cookie Policy.
6. Personal data relating to other persons
If you are, or are a contact person of, potential client, supplier or collaboration partner to us, we will collect, store and otherwise process personal data relating to you in accordance with this section 6.
Who is data controller? Each office company is controller for the processing carried out by its staff relating to its potential client, supplier and collaboration partner relationships, and is simultaneously processor for Setterwalls and for the other office company/companies, which are covered by the potential client, supplier or collaboration partner relationship.
What personal data will be processed? The personal data we will process comprises name, title, employer, contact details (such as address, e-mail address and telephone number), information on your contact persons with us, information on the specified areas of interest for newsletter and other mailings, information on participation in our seminars and events, as well as notes and summaries from meetings had with you (except in the context of an engagement). We do not process any sensitive personal data (i.e., information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or concerning health or sex life). In the context of an engagement, additional personal data will be processed in accordance with section 1.
How is personal data collected? Personal data is provided to or gathered by us in connection with an engagement in accordance with section 1, or is provided to us by, or on behalf of, you, the client, supplier or collaboration partner, the potential client, supplier or collaboration partner, or someone who mediates contact between us, or is collected by us from such persons or from private or public records or other sources.
For which purposes and on which legal grounds will personal data be processed?
- Personal data will be processed in accordance with section 1.
- Personal data will be processed for the purposes of, through you, establishing, maintaining and developing the relationship with you as potential client/supplier/collabora¬tion partner, or contact person of a potential client/supplier/collabora¬tion partner, and, if you have not objected against that, marketing our services (e.g., through invitations to seminars and events, newsletters and other mailings), respectively. Such processing is carried out on the basis of our legitimate interest to establish, maintain and develop relationships with our clients, suppliers and collaboration partners and to market our services, respectively.
With whom will personal data be shares? Personal data will be shared with the other office companies, and our accountants in the performance of their internal audit.
For how long is the personal data stored? Personal data is stored in accordance with section 1 to the extent the data is part of an engagement. In addition, personal data will be stored until you object against that, at which point the data will be deleted.
7. Which rights do you have?
You have rights in relation to us and our processing of your personal data. Information about your rights and how to exercise them is set out below.
We ask you to note that your rights apply to the extent that follows from applicable data protection legislation and that there may be exceptions to the rights where applicable. We also ask you to note that we may need more information from you in order to e.g. confirm your identity before proceeding with your request to exercise your rights.
To exercise your rights or request more information about them, please contact us, which is easiest via e-mail.: privacy@setterwalls.se.
Right to access. You have the right to receive confirmation of whether we process personal data concerning you. If this is the case, you also have the right to access this personal data through a so-called register extract as well as additional information about the processing in question, such as for which purpose or purposes the processing takes place, the categories of personal data concerned and the recipients to whom the personal data have been disclosed.
Right to rectification. You have the right to have incorrect information about you corrected without delay. You may also have the right to complete incomplete information.
Right to erasure. You can request that we delete your personal data without delay if:
- The personal data is no longer necessary for the purposes for which it was collected, or otherwise processed;
- Our personal data processing takes place with the support of your consent, and you revoke your consent to the processing in question (the starting point is, however, that we as employers do not process personal data about employees or those who have applied for a job with us with the support of consent);
- You object to processing that we carry out on the basis of legitimate interests and your objection outweighs our or someone else’s legitimate interest in the processing;
- Personal data has been processed illegally;
- Personal data must be deleted in order to fulfil a legal obligation.
Right to restriction of processing. You have the right to request that we restrict the processing your personal data if:
- You dispute the accuracy of the personal data, during the period which gives us the opportunity to check whether the data is correct or not;
- The processing is illegal, and you object to us deleting your personal data and instead request that we restrict their use;
- We no longer need to process the data for the purposes for which it was collected, at the same time as you need the data to be able to establish, assert or defend legal claims;
- You have objected to the treatment we carry out on the basis of a balance of interests and are awaiting control of whether your objection outweighs our or someone else’s legitimate interest in continuing with the treatment.
Right to object. You have the right to object to such processing of your personal data that takes place based on our or someone else’s legitimate interest. If this happens, in order to continue the processing, we must be able to show compelling justified reasons that outweigh your interests, rights and freedoms.
Right to data portability. If we process your personal data with the support of an agreement with you (or on the basis of your consent), you have the right to obtain the personal data that you have provided to us and that concerns you in an electronic format. You have the right to have the data in question transferred from us directly to another personal data controller, where this is technically possible.
We ask you to note that this right to so-called data portability does not include such data that is processed manually by us.
Right to revocation. If our processing of your personal data is based on your consent, you always have the right to revoke your consent at any time. A revocation of your consent does not affect the legality of the treatment that took place based on the consent before it was revoked.
8. Complaints to the supervisory authority
In Sweden, the Authority for Privacy Protection (Sw. Integritetsskyddsmyndigheten) is the authority responsible for monitoring the application of current data protection legislation. If you believe that we are processing your personal data incorrectly, we encourage you to contact us in the first instance so that we have the opportunity to review your views. However, you can always submit your complaint to the Authority for Privacy Protection.
9. Language versions
This policy is prepared in both a Swedish and an English language version. For data subjects domiciled in Sweden, the Swedish language version shall prevail. For all other data subjects, the English language version shall prevail.
10. Additions and alterations
We may make additions or alterations to this policy. If we do, we will post the updated policy on our website and refer to it in our e-mails and our mailings through our digital mailing/invitation system. In such a case, we ask you to carefully review the updated policy.
11. How can you contact us?
Contact us at privacy@setterwalls.se or at address Setterwalls Advokatbyrå, P.O. Box 1050, SE-101 39 Stockholm, Sweden, P.O. Box 11235, SE-404 25 Göteborg, Sweden, or P.O. Box 4501, SE-203 20 Malmö, Sweden, if you have questions about this policy or our processing of personal data, or otherwise want to exercise any of your rights related to our personal data processing.
____________________
[1] This policy does not relate to our processing of personal data relating to our staff.